author | Ermal Luçi <eri@pfsense.org> | 2010-02-24 23:56:47 +0000 |
---|---|---|
committer | Ermal Luçi <eri@pfsense.org> | 2010-02-24 23:58:51 +0000 |
commit | e8a58de43ba4b6561673a8ec8290788c95fc29c5 (patch) | |
tree | ddf746fea31df3e0a6fa9cb1613032a00afb528c /usr/local | |
parent | 44be6dba37be635997b482af5cffc48f15257461 (diff) | |
Add support for authenticating users against the server specified in system->user manager->servers for openvpn. While there, properly fill the shared secret field for radius in the servers page.
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/system_authservers.php | 1 | ||||
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 29 |
2 files changed, 29 insertions, 1 deletions
diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index c0ed3dd..edf2e0a 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -95,6 +95,7 @@ if ($act == "edit") { $pconfig['radius_host'] = $a_server[$id]['host']; $pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port']; $pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port']; + $pconfig['radius_secret'] = $a_server[$id]['radius_secret']; if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port'] ) { diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 4617e5c..c58942f 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -44,6 +44,10 @@ if (!is_array($config['openvpn']['openvpn-server'])) $a_server = &$config['openvpn']['openvpn-server']; +if (!is_array($config['system']['authserver'])) + $config['system']['authserver'] = array(); +$auth_servers =& $config['system']['authserver']; + $id = $_GET['id']; if (isset($_POST['id'])) $id = $_POST['id']; @@ -82,6 +86,7 @@ if($_GET['act']=="edit"){ $pconfig['disable'] = isset($a_server[$id]['disable']); $pconfig['mode'] = $a_server[$id]['mode']; $pconfig['protocol'] = $a_server[$id]['protocol']; + $pconfig['authmode'] = $a_server[$id]['authmode']; $pconfig['interface'] = $a_server[$id]['interface']; if (!empty($a_server[$id]['ipaddr'])) { $pconfig['interface'] = $pconfig['interface'] . '|' . $a_server[$id]['ipaddr']; @@ -238,7 +243,7 @@ if ($_POST) { if (!$tls_mode && !$pconfig['autokey_enable']) { $reqdfields = array('shared_key'); $reqdfieldsn = array('Shared key'); - } else { + } else { $reqdfields = explode(" ", "caref certref"); $reqdfieldsn = explode(",", "Certificate Authority,Certificate");; } 
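Review bot: The added `$pconfig['radius_secret'] = $a_server[$id]['radius_secret'];` in the `$act == "edit"` branch loads the stored RADIUS shared secret into the form state, so the edit page will presumably write it back into the HTML it serves (the form markup is outside this hunk). That would put the secret in the page source and browser cache of every session that opens the edit view. Consider leaving the field empty on edit and overwriting the stored value only when a non-empty secret is submitted; if the prefill is kept, document it next to the assignment, e.g. `/* shared secret is sent back to the browser on edit; this page must stay admin-only */`.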
@@ -260,6 +265,7 @@ if ($_POST) { if ($_POST['disable'] == "yes") $server['disable'] = true; $server['mode'] = $pconfig['mode']; + $server['authmode'] = $pconfig['authmode']; $server['protocol'] = $pconfig['protocol']; list($server['interface'], $server['ipaddr']) = explode ("|",$pconfig['interface']); $server['local_port'] = $pconfig['local_port']; @@ -370,7 +376,12 @@ function mode_change() { case "p2p_shared_key": document.getElementById("client_opts").style.display="none"; document.getElementById("remote_opts").style.display=""; + document.getElementById("authmodetr").style.display="none"; break; + case "server_user": + case "server_tls_user": + document.getElementById("authmodetr").style.display=""; + /* FALL THROUGH */ default: document.getElementById("client_opts").style.display=""; document.getElementById("remote_opts").style.display="none"; @@ -531,6 +542,22 @@ function netbios_change() { </select> </td> </tr> + <tr id="authmodetr" style="display:none"> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Backend for authentication");?></td> + <td width="78%" class="vtable"> + <select name='authmode' id='authmode' class="formselect"> + <option value="local" <?php if ($pconfig['authmode'] == "local") echo "selected";?>>Local authentication database</option> + <?php + foreach ($auth_servers as $auth_server): + $selected = ""; + if ($pconfig['authmode'] == $auth_server['name']) + $selected = "selected"; + ?> + <option value="<?=$auth_server['name'];?>" <?=$selected;?>><?=$auth_server['name'];?></option> + <?php endforeach; ?> + </select> + </td> + </tr> <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Protocol");?></td> <td width="78%" class="vtable"> |
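Review bot: `$server['authmode'] = $pconfig['authmode'];` stores the submitted value without checking it against the choices the form offers, i.e. `local` or one of the names in `$auth_servers`. Assuming `$pconfig` is filled from `$_POST` earlier in this `if ($_POST)` block (outside the hunk), a stale or hand-edited request can persist a backend name that no longer exists, and how the OpenVPN authentication path treats an unknown name is not visible here. Validate before saving, for example `if ($pconfig['authmode'] != "local" && !in_array($pconfig['authmode'], $valid_names)) $input_errors[] = "The selected authentication backend is invalid.";` with `$valid_names` built from `$auth_servers` and the error appended to whatever list this page already uses for input validation. It would also be cleaner to set the key only for the `server_user` and `server_tls_user` modes.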
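Review bot: In `mode_change()` the `authmodetr` row is shown for `server_user` and `server_tls_user` but hidden only in the `p2p_shared_key` case, so switching from a user mode to any mode handled by `default:` leaves the backend selector visible. Because the two new cases fall through into `default:`, the reset cannot go there; hide the row once before the `switch` with `document.getElementById("authmodetr").style.display="none";` and let the user-auth cases re-show it. The start of the switch is outside the hunk, so other cases may need the same treatment.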
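Review bot: `$auth_server['name']` is echoed into both the `value` attribute and the option text without escaping, so a server name containing quotes or markup breaks the select and is rendered as live HTML in this admin page. Escape on output: `<option value="<?=htmlspecialchars($auth_server['name']);?>" <?=$selected;?>><?=htmlspecialchars($auth_server['name']);?></option>`. A configured server that is itself named `local` would also be indistinguishable from the built-in option, so that name should be rejected when servers are saved or the option values should be namespaced. The `Local authentication database` label is the only visible string in the new row not wrapped in `gettext()`.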